Wireshark Snow Leopard

Discussion in 'macOS' started by gustavoQ, Mar 31, 2011.

  1. gustavoQ macrumors newbie

    Joined:
    Apr 15, 2010
    #1
    Hello,

    i'm having problems running and installing the Wireshark for Mac OS X.

    I download Wireshark 1.4.4 Intel 64.dmg file put the appliction in app folder and try to run it, but nothing happens. I try run it by the X11 terminal and appear this error:

    I have this version of the xQuartz: XQuartz 2.3.6 (xorg-server 1.4.2-apple56).

    Than i try to install using the macport.
    In the terminal i put: port install wireshark. But the installation does not finish.
    This error appears:
    I don't know what to do anymore.
    Does anyone know what could be?

    Thank you
     
  2. Nmx- macrumors newbie

    Joined:
    Apr 1, 2011
    #2
    Worked for me

    Installation of WireShark V1.0 on Mac OS XWith V1.0 the WireShark project supports Mac OS X. The installation is not difficult, but mostly undocumented. This page shows, how I did it.
    Previously this page contained a launcher for WireShark, when installed via Fink or MacPorts. This is still available here.
    DownloadingFor Macs with Intel processor a binary package is available on the WireShark download page http://www.wireshark.org/download.html.
    Older Macs with PPC processor have to install it via Fink or MacPorts.
    Installation of Wireshare PackageThe base installation process is very Mac like. Open the downloaded .dmg disk image and move the WireShark application to your Applications folder (or anywhere else).
    After the first installation you currently have to do some additional stuff. This has to be done only once.
    Don't be confused by an eror message, when you try to open the "Read me first.rtf". Everything is fine with your download. This file is currently only a placeholder. It's empty, 0 bytes long.
    Fixing PermissionsIn previous versions WireShark was started with administrator priviledge through special launchers. In V1.0 it's no longer necessary to start it with special priviledges. You even get a warning when you do.
    The new (unpriviledged) WireShark application won't work properly, when preference files of an older (priviledged) WireShark are found. You have either delete the old preferences or give them "normal" access permissions.
    I prefer to keep my old preferences, so I change the file ownership of .wireshark from root back to my normal username.
    The following command in Terminal changes it:

    sudo chown -R <username> .wireshark
    You, of course, need this only, when you used WireShark before.
    Allowing Access to the Network InterfacesWhen starting the new WireShark you will notice that you can't do any sniffing, as there are no network interfaces available.
    To allow this, the BPF devices need to be accessable by WireShark. For more details have a look into Utilities → Startup → README.macosx on the WireShark disk image.
    The following commands in Terminal will install the necessary files to set the BPF permissions. Then all users with administrator rights will be able to sniff packets.

    sudo -s
    cd /Library/StartupItems
    cp -pR /Volumes/Wireshark/Utilities/Startup ChmodBPF
    chown -R root:wheel ChmodBPF
    exit
    After a reboot, WireShark should be able to access all network interfaces.
    Optional: Installing Command Line Versions of WireSharkIf you want to be able to use the WireShark utilities on the command line (Terminal), install some small scripts on your system.

    sudo install -p /Volumes/Wireshark/Utilities/Command\ Line/* /usr/local/bin
    If you haven't installed the WireShark application into /Applications, you have to tell the command line scripts, where to find it.
    Open .profile with an editor and add the line

    export WIRESHARK_APP_DIR="<Directory, where WireShark resides>/Wireshark.app"
    Then close all existing Terminal windows. With a new Terminal session you should be able to access WireShark utilities.


    taken from http://www.bernhard-ehlers.de/projects/Wireshark.html

    this method worked for me on my macbook 5,1 intel. Good luck
     

Share This Page